# Contributor: tcely <tcely@users.noreply.github.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=botan
pkgver=2.19.5
pkgrel=0
pkgdesc="Crypto and TLS for C++11"
url="https://botan.randombit.net/"
arch="all"
license="BSD-2-Clause"
depends_dev="boost-dev bzip2-dev sqlite-dev xz-dev zlib-dev"
makedepends="$depends_dev python3"
subpackages="$pkgname-dev $pkgname-doc $pkgname-libs"
source="https://botan.randombit.net/releases/Botan-$pkgver.tar.xz
	test_tls_stream_integration-timout_patch
	"
builddir="$srcdir/Botan-$pkgver"

# secfixes:
#   2.19.5-r0:
#     - CVE-2024-34702
#     - CVE-2024-39312
#   2.19.4-r0:
#     - CVE-2024-34703
#   2.18.1-r3:
#     - CVE-2021-40529
#   2.17.3-r0:
#     - CVE-2021-24115
#   2.9.0-r0:
#     - CVE-2018-20187
#   2.7.0-r0:
#     - CVE-2018-12435
#   2.6.0-r0:
#     - CVE-2018-9860
#   2.5.0-r0:
#     - CVE-2018-9127

prepare() {
	default_prepare

	case "$CARCH" in
	loongarch64|riscv64)
		patch src/tests/test_tls_stream_integration.cpp \
		"$srcdir"/test_tls_stream_integration-timout_patch
		;;
	esac
}

build() {
	# botan benefits from -O3. Upstream is using it when testing.
	CXXFLAGS="$CXXFLAGS -O3" \
	python3 ./configure.py \
		--prefix=/usr \
		--mandir=/usr/share/man \
		--with-boost \
		--with-bzip2 \
		--with-lzma \
		--with-openmp \
		--with-sqlite3 \
		--with-zlib \
		--with-os-feature=getrandom \
		--disable-static

	make
}

check() {
	LD_LIBRARY_PATH="$builddir" ./botan-test
}

package() {
	make DESTDIR="$pkgdir" install
	# botan3 keeps the main name
	mv "$pkgdir"/usr/bin/botan "$pkgdir"/usr/bin/botan2
	rm -rf "$pkgdir"/usr/lib/python*
}

sha512sums="
323930fbabd833a6affd71f90835e4ca31a9632e346dee9c5f396aca898697d0f2993b860f739d02cdf49fa7fbb3a2d306c4790e5d5f39620b2dea284983669c  Botan-2.19.5.tar.xz
df811c8fa18fad4f3786e790f0ac5f14a60d51b881c28d5da46342d4907f59b2fea47e4f33e1aabf8aa335e1209936c8e671724e4ff942ac80e2df2c74d6da14  test_tls_stream_integration-timout_patch
"
